package com.liy.teaching.core.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;


@RestController
public class TestControllerWithAnnotation {

    // 基于 权限码(资源码)
    @PreAuthorize("hasAuthority('sys.user.add')")
    @GetMapping("/test20")
    public String test20() {
        return "test20 success";
    }

    @PreAuthorize("hasAnyAuthority('sys.user.add','sys.user.delete')")
    @GetMapping("/test21")
    public String test21() {
        return "test21 success";
    }



    // 基于角色
    @PreAuthorize("hasRole('ROLE_admin')")
    @GetMapping("/test22")
    public String test22() {
        return "test22 success";
    }


    @PreAuthorize("hasAnyRole('ROLE_admin','ROLE_manager')")
    @GetMapping("/test23")
    public String test23() {
        return "test23 success";
    }




}
